This is a big difference between privacy and security.
Comment on Signal under fire for storing encryption keys in plaintext
Tramort@programming.dev 4 months agoIt is a super important detail, but it’s still unforgivable for an app that expects privacy to be part of its brand identity.
brakebreaker101@lemmy.world 4 months ago
Tramort@programming.dev 4 months ago
Agreed
But you can’t have privacy without security, and any privacy brand must have security in their bones.
claudiop@lemmy.world 4 months ago
You can’t encrypt anything without a key. This is the key. If it wasn’t in plaintext then it would be encrypted. Then you’d need a key for that. Where do you put it?
Phone OSs have mechanisms to solve this. Desktop ones do not.
breadsmasher@lemmy.world 4 months ago
yeah absolutely agreed